Get a single audit log entry by ID
Returns the full detail of a single audit log entry by ID. Each entry includes the actor
(user ID or API key ID), timestamp, resource type, resource ID, action performed, and a
structured changes object showing before and after values for every modified field.
Requires audit:read scope.
Authorizations
API key issued per entity via Settings > Developers > API Keys.
Each key carries scopes (e.g. orders:read, products:write).
Bearer token format: Authorization: Bearer ark_live_ent_
Test keys use ark_test_ent_. Both are issued per entity
via Settings > Developers > API Keys.
Path Parameters
Query Parameters
actor: resolve actor name/email from users table. resource: join full resource row (product, order, account, etc.). diff: include before_state, after_state, diff JSONB. chain: include prev_hash, entry_hash, archived_at.
actor, resource, diff, chain Response
Single audit log entry
A single audit log entry from activity_log. Audit log entries are created automatically by canonical handlers via logActivity() and are immutable. The public API exposes read-only access only (Rule 20, append-only design). Chain integrity fields (prev_hash, entry_hash) are included when expand[]=chain is requested.
audit_log_entry Actor who performed the action. Resolved from metadata.actor JSONB.
Dot-namespaced action slug, e.g. order.created.
Arbitrary JSONB payload. Internal keys (_actor, _api_key_id, etc.) prefixed with underscore.
info, warning, critical, security success, failure State before the action. Present when expand[]=diff.
State after the action. Present when expand[]=diff.
Computed diff of before/after state. Present when expand[]=diff.
Cryptographic chain fields. Present when expand[]=chain.

